17 matches found
CVE-2025-1723
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to session mishandling. Only valid account holders in the setup have the potential to exploit this bug...
EUVD-2016-5488
Malware in sbrugna...
EUVD-2016-5810
Malware in sbrugna...
EUVD-2025-5812
Malicious code in bioql PyPI...
FS2 Resource Management Error Vulnerability
FS2 is a combinatorial streaming I/O library for Scala open-sourced by typelevel.scala. A resource management error vulnerability exists in FS2 versions 3.12.2 and earlier and 3.13.0-M1 through 3.13.0-M6, which stems from mishandling of TLS sessions and can lead to denial of service attacks...
CVE-2025-1723
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to session mishandling. Only valid account holders in the setup have the potential to exploit this bug...
CVE-2025-1723
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to session mishandling. Only valid account holders in the setup have the potential to exploit this bug...
CVE-2025-1723 Account takeover
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to session mishandling. Only valid account holders in the setup have the potential to exploit this bug...
CVE-2025-1723
CVE-2025-1723 affects Zohocorp ManageEngine ADSelfService Plus versions 6510 and earlier. The root cause is session mishandling in ADSelfService Plus, which can enable account takeover by valid users, especially when MFA is not enabled. Multiple connected sources (Red Hat advisory, NVD/NCSC/CVE r...
CVE-2025-1723 Account takeover
Zohocorp ManageEngine ADSelfService Plus versions 6510 and below are vulnerable to account takeover due to session mishandling. Only valid account holders in the setup have the potential to exploit this bug...
PT-2025-9278 · Manageengine · Zoho Manageengine Adselfservice Plus
Name of the Vulnerable Software and Affected Versions: Zohocorp ManageEngine ADSelfService Plus versions 6510 and below. Description: The issue is related to session mishandling, which can lead to account takeover. Only valid account holders in the setup have the potential to exploit this bug. The...
CVE-2020-11101
Sierra Wireless AirLink Mobility Manager AMM before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges...
CVE-2020-11101
Sierra Wireless AirLink Mobility Manager AMM before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges...
CVE-2020-11101
Sierra Wireless AirLink Mobility Manager AMM before 2.17 mishandles sessions and thus an unauthenticated attacker can obtain a login session with administrator privileges...
CVE-2020-11101
CVE-2020-11101 affects Sierra Wireless AirLink Mobility Manager (AMM) prior to 2.17. The issue arises from mishandling sessions, allowing an unauthenticated attacker to obtain a login session with administrator privileges. Public records across multiple sources confirm AMM versions before 2.17 ar...
CVE-2018-0696
OpenAM Open Source Edition 13.0 and later does not properly manage sessions, which allows remote authenticated attackers to change the security questions and reset the login password via unspecified vectors...
CVE-2016-4828
The CVE affects WordPress plugin Collne Welcart e-Commerce, prior to version 1.8.3. A vulnerability in session handling lets a remote attacker log in as a user by knowing the user’s e-mail address, granting user-level access and enabling arbitrary operations as described in multiple sources. Reme...